Principal, Incident Response & Digital Forensics Investigator

Ingram Micro. Irvine, CA 92606

Posted 2 months ago

Ingram Micro touches 80% of the technology you use every day with our focus on Technology Solutions, Cloud, and Commerce and Lifecycle Solutions. With $50 billion in revenue, we have become the world's largest technology distributor with operations in 64 countries and more than 35,000 associates.

Your Role:

We are looking for a Principal Incident Response and Digital Forensics Investigator to join our Investigations and Security Incident Response Team. This hands-on technical role shares responsibilities across the team in conducting digital forensics, cyber threat intelligence, e-discovery, executing threat hunts, participating in and leading incident response efforts, and implementing threat protection across the enterprise. The candidate will be responsible for conducting investigations related to violations of the company's information security policy. Such investigations require that the investigator have advanced knowledge of investigative techniques (e.g. Reid, Wicklander), and previous law enforcement experience is preferred.

This position has the possibility of being performed remotely (applicant doesn't need to be onsite in Irvine, CA). You may be required to travel and work outside normal business hours at times to satisfy different time zones and offshore teams as well as during emergency security incidents.

Candidate will be responsible for building, maintaining, and improving tools and techniques that power and enable forensics and threat management capabilities. The person in this role reviews and analyzes large and highly complex datasets and information to provide content, conclusions, and actionable recommendations to mitigate risk and stop attackers.

Candidate should have an applied and in-depth understanding of malware, attacker tactics, techniques, and procedures and experience defending organizations from these threats. In addition to having a breadth of technical experience, the candidate should have leadership and customer communication experience.

Key Responsibilities:

  • Be an integral part of the Investigations and Security Incident Response Team (SIRT) in responding to active and time-sensitive threats including communications and coordination across different teams.

  • Perform forensics on network, host, memory, and other artifacts originating from multiple operating systems, applications, or networks and extract IOCs (Indicators of Compromise) and TTP (Tactics, Techniques, and Procedures).

  • Create, continuously develop, and maintain a mature investigations and incident response program, leveraging automation.

  • Build and manage a digital forensic lab, including processes and procedures that would stand up in a legal setting.

  • Work closely with other members of the Information Security team to lead changes in the company's defense posture.

  • Develop new and novel defense techniques to identify and stop advanced adversary tactics and techniques.

  • Collect, analyze, assess, and disseminate information about cyber threats and potential attacks.

  • Develop comprehensive, accurate reports and presentations for both technical and executive audiences.

  • Research the latest security best practices and technologies, staying abreast of new threats and vulnerabilities and helping disseminate this information within the groups at the company.

What you bring to the role:

  • Bachelor's degree in Computer Science, Engineering, Science, Math or Cyber Security related field is required.

  • A year or more working in a "work from home" / remote capacity if working remotely.

  • Work Experience: Minimum 10 years functional experience including a minimum of 5+ years directly related to this role in incident response and digital forensics.

  • 3+ years of experience in law enforcement (deputized) investigations (fraud, counterintelligence, high-tech crimes, etc.).

  • 3+ years of experience in interviewing after taking a Reid Technique class (or an equivalent)

  • Experienced with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, WireShark, TCPDump, and open source forensic tools.

  • Deep understanding of internals and constructs of modern operating systems.

  • Proficiency with at least one interpreted programming language (Python, Ruby, etc.) preferred, but not required.

  • Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security preferred, but not required.

  • Strong understanding of vulnerabilities and common attack vectors, and an attacker mindset: the ability to think about creative threats and attack vectors.

  • Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness

  • Experience with digital forensics in cloud services a plus

  • Required Certifications: EnCE

  • Preferred Certifications: GCFE, GCFA, GREM, GNFA

  • Pass a proficiency exam related to the role

  • Please be prepared to provide three current work references and pass a criminal background check and drug test.

  • Position may require occasional travel of 20 - 30%, including international travel.

  • This is not a complete listing of the job duties. It's a representation of the things you will be doing, and you may not perform all these duties.

Ingram Micro believes there is no place in our society for social injustice, discrimination or racism. As a company we do not - and will not - tolerate these actions.

Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.
